He gives C-sieves on the CSIDH

SoK: how (not) to design and implement post-quantum cryptography ⋮ CSIDH on the Surface ⋮ Towards post-quantum security for signal's X3DH handshake ⋮ An efficient and generic construction for signal's handshake (X3DH): post-quantum, state leakage secure, and deniable ⋮ Post-quantum key-blinding for authentication in anonymity networks ⋮ Post-quantum adaptor signature for privacy-preserving off-chain payments ⋮ Fully projective radical isogenies in constant-time ⋮ Safe-error attacks on SIKE and CSIDH ⋮ An efficient post-quantum KEM from CSIDH ⋮ Group signatures and more from isogenies and lattices: generic, simple, and efficient ⋮ Practical post-quantum signature schemes from isomorphism problems of trilinear forms ⋮ On the Security of OSIDH ⋮ Séta: Supersingular Encryption from Torsion Attacks ⋮ SHealS and HealS: Isogeny-Based PKEs from a Key Validation Method for SIDH ⋮ SCALLOP: scaling the CSI-FiSh ⋮ Generic models for group actions ⋮ Disorientation faults in CSIDH ⋮ A lower bound on the length of signatures based on group actions and generic isogenies ⋮ Candidate trapdoor claw-free functions from group actions with applications to quantum protocols ⋮ Full quantum equivalence of group action DLog and CDH, and more ⋮ \textsf{CSI-Otter}: isogeny-based (partially) blind signatures from the class group action with a twist ⋮ \( L_1\)-norm ball for CSIDH: optimal strategy for choosing the secret key space ⋮ Optimizing quantum space using spooky pebble games ⋮ DeCSIDH: delegating isogeny computations in the CSIDH setting ⋮ Key-oblivious encryption from isogenies with application to accountable tracing signatures ⋮ MR-DSS -- smaller MinRank-based (ring-)signatures ⋮ On actively secure fine-grained access structures from isogeny assumptions ⋮ Attack on SHealS and HealS: the second wave of GPST ⋮ Post-quantum asynchronous deniable key exchange and the signal handshake ⋮ Two remarks on the vectorization problem ⋮ Cryptographic group actions and applications ⋮ Calamari and Falafl: logarithmic (linkable) ring signatures from isogenies and lattices ⋮ Oblivious pseudorandom functions from isogenies ⋮ Further optimizations of CSIDH: a systematic approach to efficient strategies, permutations, and bound vectors ⋮ Group signatures and more from isogenies and lattices: generic, simple, and efficient ⋮ One-way functions and malleability oracles: hidden shift attacks on isogeny-based protocols ⋮ An efficient and generic construction for Signal's handshake (X3DH): post-quantum, state leakage secure, and deniable ⋮ A fusion algorithm for solving the hidden shift problem in finite abelian groups ⋮ \textsf{CSI-RAShi}: distributed key generation for CSIDH

• SeaSign
• CSI-FiSh

• Constructing public-key cryptographic schemes based on class group action on a set of isogenous elliptic curves
• On Lovász' lattice reduction and the nearest lattice point problem
• CSIDH: an efficient post-quantum commutative group action
• A note on the security of CSIDH
• Lossy CSI-fish: efficient signature scheme with tight reduction to decisional CSIDH-512
• Quantum cryptanalysis in the RAM model: claw-finding attacks on SIKE
• CSI-FiSh: efficient isogeny based signatures through class group computations
• SeaSign: compact isogeny signatures from class group actions
• Quantum circuits for the CSIDH: optimizing quantum evaluation of isogenies
• Another Subexponential-time Quantum Algorithm for the Dihedral Hidden Subgroup Problem
• Towards Quantum-Resistant Cryptosystems from Supersingular Elliptic Curve Isogenies
• An Improved LPN Algorithm
• New directions in cryptography
• A $T = O(2^{n/2} )$, $S = O(2^{n/4} )$ Algorithm for Certain NP-Complete Problems
• Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
• Constructing elliptic curve isogenies in quantum subexponential time
• A Subexponential-Time Quantum Algorithm for the Dihedral Hidden Subgroup Problem
• Quantum cryptanalysis of hash and claw-free functions